- The Problem
- The Solution
- VCSU A Case Study
- Additional Information
- About the Authors
Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
VCSU – A Case Study
This section describes a case study of a customer that is using pGINA.
Valley City State University or VCSU, is a small liberal arts college in Valley City, North Dakota, just south of Fargo.
VCSU is known as a teacher's college—that is, they educate K-12 teachers and provide post-graduate education to teachers.
VCSU isn't very large, but they have an edge with technology. They were one of the first colleges in the country to provide laptops to students as part of tuition, even before Dartmouth and other prestigious schools. Currently, they are implementing 802.11g wireless access across 80% of their campus, providing 54 Mbps throughput. Additionally, VCSU has roughly 2300 10/100 Mbps switched Ethernet connections across campus.
VCSU has an enrollment of roughly 1100 students and a faculty and staff of about 400.
The IT staff supports approximately 1200 Windows-based PCs: 1100 laptops and 100 desktops. These can be broken down into four profiles: student laptops, faculty laptops, administration desktops, and lab (public) desktops. The IT group has a total of 16 people, including part time assistants, who are responsible for all aspects of computing at the University.
Challenges
About two years ago, VCSU was faced with major changes. Support was coming to an end for Windows 95/98/Me as well as Windows NT. They knew they needed to make a change soon. However, they weren't thrilled with Microsoft and wanted to avoid the migration to Active Directory.
VCSU was using Novell's Netware for base services such as login and authentication for several NT domains. These servers also provided both file and print services.
To reduce the use of the servers and avoid more Windows NT boxes, VCSU started offloading the print services by migrating to network-based printers with built-in support for Windows clients (as well as other standards).
The ultimate goal was to limit Microsoft to the desktop and have a better operating system for the backend systems. They standardized using Solaris™ and Linux operating systems.
Eventually, after moving services off of Microsoft, VCSU reduced their total number of servers for the core functions, from 14 down to 8.
Solution
VCSU's software architecture now consists of the following Sun software:
LDAP by way of Sun directory server software using a multiple master configuration
Email using the Sun messaging server software
Campus-wide calendar services provided by Sun's calendar server software
A campus portal for learning using the Sun portal server software with single sign on (SSO) to their Blackboard Learning Management System (LMS)
Additional Software for a Complete Solution
The Sun products alone were not enough to provide the total solution. Other products were required to provide file services, desktop management services, software license management, and some network management. The following sections describe what VSCU used to fill in the gaps.
pGINA
pGINA provides the ultimate solution in regards to limiting Microsoft to the desktop. VCSU uses pGINA to avoid using Microsoft Active Directory by authenticating users to a Sun directory server. pGINA also affords VCSU the ability to customize the user login experience (FIGURE 5) and gives them more control over the desktop.
)
FIGURE 5
Customized VCSU Login Window
SAMBA 2.2 for File Services Only (no print services)
Samba is configured to use Common Internet File System (CIFS) and normal Windows protocols with the clients while using LDAP with PAM on the Solaris server on the backend.
Norton Ghost for Desktop Management
Deploying updates as well as disk image management is key to keeping administration overhead low. VCSU has five or six standard disk images. Any additional software can be added by way of an authenticated web site. Desktops and laptops are reloaded each year at a minimum. Other Norton utilities are used for updates.
Sassafras for Software License Management
The additional software is centrally managed. VCSU chose Sassafras K2 as their license key software management product. This allows VCSU to deploy the software physically to many laptops, either as part of the default image or as an added option, while controlling licensing. For example, Adobe Photoshop is required for some class work but not all. Using Sassafras, VCSU only needs to purchase 150 licenses, yet Photoshop is loaded on all the laptops by default. When a user wants to use Photoshop, a license is checked out from the Sassafras server. Licenses are kind of like Dynamic Host Configuration Protocol (DHCP) addresses in that they are leased from the server for a period of time.
One interesting feature provided by the Sassafras software is the ability to set policies so that professors on campus get longer leases, say a week, compared with students who might only get a 24-hour lease. Microsoft Project is an application that is used from time-to-time by students and staff, but not routinely. It's not part of the standard image. When individuals on campus need to use the software, they log in to the Sassafras server and perform a network install. They obtain an initial license key in the same manner as described in the Photoshop example.
At any given time, the IT department can use the Sassafras management reports feature to see how many licenses are active versus how many total licenses are owned. At the end of the year, they can use these reports to make critical decisions about ongoing support and upgrade expenditures.
MRTG, Netflow Data, and Packeteer Packetshaper for Network Traffic Management
Multi Router Traffic Grapher (MRTG) is a graphical charting and reporting tool to monitor the traffic load on network links. It is used to monitor dozens of devices including routers, switches, firewalls, servers, modems, and UPSs. Netflow data is collected from the core router and processed to provide analysis of Internet Protocol (IP) flows. VCSU uses it to detect Denial of Service attacks, infected hosts, and peer-to-peer applications like Kazaa. Packeteer Packetshaper is an application traffic management appliance that provides bandwidth management control.
Cisco Pix for Firewalls
Cisco Pix security appliances provide the campus with the needed levels of network security.
Cisco Content Switch for Load Balancing
The new Cisco Content Switch is an updated version of the older Cisco Director product. It provides load balancing in a more protocol aware manner (for example, balancing takes place in higher layers of the OSI stack).
NetReg
NetReg is an automated system that requires campus users to register their hardware (MAC addresses) before gaining full network access in a DHCP environment. An LDAP module is used to authenticate the campus user during the registration process. It was developed by Southwestern University and is available under GNU license.
Supporting Hardware
Most of VCSU's servers are Sun Fire™ 280R servers using Sun StorEdge™ A1000 devices for locally attached storage. The exceptions to this are at the lower level where services such as DHCP are delivered. In these cases, Sun Fire V120s and Sun™ LX50s servers are used.
More pGINA Success Stories
The following academic institutions are also taking advantage of the benefits of pGINA:
Miami University – Ohio
Curtin University of Technology – Australia
University of Guelph – Canada
Pacific Lutheran University – Washington
University of Technology Sydney – Australia
University of Calgary – Canada
University of Malaga – Spain
University of Sussex – England